villebro commented on code in PR #21322:
URL: https://github.com/apache/superset/pull/21322#discussion_r962837941
##########
superset/db_engine_specs/snowflake.py:
##########
@@ -279,3 +284,33 @@ def parameters_json_schema(cls) -> Any:
spec.components.schema(cls.__name__, schema=cls.parameters_schema)
return spec.to_dict()["components"]["schemas"][cls.__name__]
+
+ @staticmethod
+ def update_params_from_encrypted_extra(
+ database: "Database",
+ params: Dict[str, Any],
+ ) -> None:
+ if not database.encrypted_extra:
+ return
+ try:
+ encrypted_extra = json.loads(database.encrypted_extra)
+ auth_method = encrypted_extra.pop("auth_method", None)
+ auth_params = encrypted_extra.pop("auth_params", {})
+ if not auth_method:
+ return
+ connect_args = params.setdefault("connect_args", {})
+ if auth_method == "keypair":
+ with open(auth_params['privatekey_path'], "rb") as key:
Review Comment:
There appears to be some linting issues here (we should always use double
quotes)
##########
superset/db_engine_specs/snowflake.py:
##########
@@ -279,3 +284,33 @@ def parameters_json_schema(cls) -> Any:
spec.components.schema(cls.__name__, schema=cls.parameters_schema)
return spec.to_dict()["components"]["schemas"][cls.__name__]
+
+ @staticmethod
+ def update_params_from_encrypted_extra(
+ database: "Database",
+ params: Dict[str, Any],
+ ) -> None:
+ if not database.encrypted_extra:
+ return
+ try:
+ encrypted_extra = json.loads(database.encrypted_extra)
+ auth_method = encrypted_extra.pop("auth_method", None)
+ auth_params = encrypted_extra.pop("auth_params", {})
Review Comment:
I don't see any reason to `.pop()` here, let's just `.get()`
##########
requirements/testing.txt:
##########
@@ -136,7 +136,10 @@ websocket-client==1.2.0
# via docker
wrapt==1.12.1
# via astroid
-
+snowflake-connector-python==2.7.9
+ # via snowflake
+snowflake-sqlalchemy==1.2.4
+ # via snowflake
Review Comment:
I'm not sure we need these, as there are no integration tests added here
that require having the snowflake drivers present.
##########
superset/db_engine_specs/snowflake.py:
##########
@@ -279,3 +284,33 @@ def parameters_json_schema(cls) -> Any:
spec.components.schema(cls.__name__, schema=cls.parameters_schema)
return spec.to_dict()["components"]["schemas"][cls.__name__]
+
+ @staticmethod
+ def update_params_from_encrypted_extra(
+ database: "Database",
+ params: Dict[str, Any],
+ ) -> None:
+ if not database.encrypted_extra:
+ return
+ try:
+ encrypted_extra = json.loads(database.encrypted_extra)
+ auth_method = encrypted_extra.pop("auth_method", None)
+ auth_params = encrypted_extra.pop("auth_params", {})
+ if not auth_method:
+ return
+ connect_args = params.setdefault("connect_args", {})
+ if auth_method == "keypair":
+ with open(auth_params['privatekey_path'], "rb") as key:
+ p_key = serialization.load_pem_private_key(
+ key.read(),
+ password=auth_params['privatekey_pass'].encode(),
+ backend=default_backend()
+ )
Review Comment:
Let's also support passing the `privatekey` directly to avoid having to
place the key inside the Superset instance/pod. This way it would be possible
to either pass `privatekey_path` or `privatekey`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
